So you thought the facial recognition technology built into your laptop would keep your business and personal information safe? Bwa-ha-ha! Today, the Black Hat DC 2009 security conference found out that, as Vietnam-based security researcher Nguyen Minh Duc puts it, Your Face is NOT Your Password .
Nguyen's paper reveals (PDF link) that it's relatively simple to hack facial recognition systems included in webcam-equipped laptops from Lenovo (Veriface III), ASUS (SmartLogon v1.0.0.0005), and Toshiba (Face Recognition 22.214.171.124). Methods used included using photographs in place of live faces (Facebook, anyone?) and performing brute-force attacks by changing lighting and photo angles in a digitized face until the system permits access.
Are you counting on facial-recogntion technology to keep your stuff safe? Is your company? Hit Comment and sound off on this latest "unbreakable," but now broken, access-control technology.